Add POST /api/registration

This URL sets a random 32 octet token as cookie `token` in Base64 encoding. The SHA256 hash of the binary token is written as response also in Base64 encoding.
author: xengineering <me@xengineering.eu> 2026-05-24 14:12:03 +0200
committer: xengineering <me@xengineering.eu> 2026-05-24 14:45:33 +0200
commit: 3b28132b56836d2f7bd3ce01430d334eb7bffa3b (patch)
tree: 108025b93a270e5ba84aa7f6497b0b5d2d11e5e3 /token.go
parent: d7d46df8c4d019be48f7aa0790aa8a2349e45e20 (diff)
download: finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar
finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar.zst
finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.zip
1 files changed, 33 insertions, 0 deletions
diff --git a/token.go b/token.go
new file mode 100644
index 0000000..bfb77d2
--- /dev/null
+++ b/token.go
@@ -0,0 +1,33 @@
+package main
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/base64"
+)
+
+type Token struct {
+	secret []byte
+}
+
+func NewToken() (Token, error) {
+	token := Token{}
+	token.secret = make([]byte, 32)
+
+	_, err := rand.Read(token.secret)
+	if err != nil {
+		return token, err
+	}
+
+	return token, nil
+}
+
+func (t Token) Public() string {
+	hash := sha256.Sum256(t.secret)
+
+	return base64.StdEncoding.EncodeToString(hash[:])
+}
+
+func (t Token) Private() string {
+	return base64.StdEncoding.EncodeToString(t.secret[:])
+}
author	xengineering <me@xengineering.eu>	2026-05-24 14:12:03 +0200
committer	xengineering <me@xengineering.eu>	2026-05-24 14:45:33 +0200
commit	3b28132b56836d2f7bd3ce01430d334eb7bffa3b (patch)
tree	108025b93a270e5ba84aa7f6497b0b5d2d11e5e3 /token.go
parent	d7d46df8c4d019be48f7aa0790aa8a2349e45e20 (diff)
download	finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.tar.zst finserv-3b28132b56836d2f7bd3ce01430d334eb7bffa3b.zip